New Turtle macOS ransomware is not sophisticated but shows that cybercriminals continue to target Apple devices.
The post New ‘Turtle’ macOS Ransomware Analyzed appeared first on SecurityWeek.
Apple Patches WebKit Flaws Exploited on Older iPhones
Apple’s security response team warns that flaws CVE-2023-42916 and CVE-2023-42917 were already exploited against versions of iOS before iOS 16.7.1.
The post Apple Patches WebKit Flaws Exploited on Older iPhones appeared first on SecurityWeek.
Hundreds of Malicious Android Apps Target Iranian Mobile Banking Users
Zimperium has identified over 200 information-stealing Android applications targeting mobile banking users in Iran.
The post Hundreds of Malicious Android Apps Target Iranian Mobile Banking Users appeared first on SecurityWeek.
Exploitation of Critical ownCloud Vulnerability Begins
Threat actors have started exploiting a critical ownCloud vulnerability leading to sensitive information disclosure.
The post Exploitation of Critical ownCloud Vulnerability Begins appeared first on SecurityWeek.
Russia’s LitterDrifter USB Worm Spreads Beyond Ukraine
Gamaredon’s self-propagating LitterDrifter USB worm spreads from Ukraine to the US and other countries.
The post Russia’s LitterDrifter USB Worm Spreads Beyond Ukraine appeared first on SecurityWeek.
US Teen Pleads Guilty to Credential Stuffing Attack on Fantasy Sports Website
Wisconsin teenager Joseph Garrison has admitted in court to launching a credential stuffing attack on a betting website.
The post US Teen Pleads Guilty to Credential Stuffing Attack on Fantasy Sports Website appeared first on SecurityWeek.
CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability
CISA adds Sophos, Oracle and Microsoft product security holes to its Known Exploited Vulnerabilities (KEV) catalog.
The post CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability appeared first on SecurityWeek.
Zimbra Zero-Day Exploited to Hack Government Emails
Google says a Zimbra zero-day from earlier this year, CVE-2023-37580, was exploited in several campaigns to hack government emails.
The post Zimbra Zero-Day Exploited to Hack Government Emails appeared first on SecurityWeek.
US Announces IPStorm Botnet Takedown and Its Creator’s Guilty Plea
US government announces the takedown of the IPStorm proxy service botnet and the guilty plea of its creator, a Russian/Moldovan national.
The post US Announces IPStorm Botnet Takedown and Its Creator’s Guilty Plea appeared first on SecurityWeek.
Adobe Patch Tuesday: Critical Bugs in Acrobat, Reader, ColdFusion
Adobe patches 72 security bugs and calls special attention to code-execution defects in the widely deployed Acrobat and Reader software.
The post Adobe Patch Tuesday: Critical Bugs in Acrobat, Reader, ColdFusion appeared first on SecurityWeek.